Welcome! » Log In » Create A New Profile

Preserve and export text but still protect - how?

Posted by scanreg 
Preserve and export text but still protect - how?
March 26, 2010 12:55PM

I need to allow users to enter text data into a form and then load that data into a mysql db and then extract that same data for various print jobs.

Thus, the characters that go in must be exactly the same as what is extracted for the print job.

However, of course I'd like to ensure that the data on the server (from upload through extraction) is filtered/cleaned

Is there a way to allow all kinds of characters, extract them exactly the same, but protect the system too?

I know you can filter going in, just not sure how I'd get it all out the same and still keep the system happy.

Thanks so much :-)

Re: Preserve and export text but still protect - how?
March 26, 2010 09:31PM

What I tend to recommend people do is store two fields: one that contains the purified text and one that contains the precise original.

Re: Preserve and export text but still protect - how?
March 27, 2010 12:31PM

What I tend to recommend people do is store two fields: one that contains the purified text and one that contains the precise original.

That's the tricky part, I'm concerned about saving stuff that could be shell things, how do I sanitize such potential shell stuff but still preserve the text precisely? (If I'm not understanding things, my apology)

Thanks

Re: Preserve and export text but still protect - how?
March 27, 2010 01:14PM

I see. My recommendation is to store it in a database, so the user can't actually directly access the files. Saving arbitrary input to a file is actually tricky business and require a lot of protection against browsers like Internet Explorer.

Re: Preserve and export text but still protect - how?
March 27, 2010 04:11PM

Thanks, will give it a go, might allow .xls file uploads too, thanks again :-)

Re: Preserve and export text but still protect - how?
March 29, 2010 07:42AM

BTW, does it matter where the raw data is?

In other words, it's only executable in certain locations, not all ?

Thanks

Re: Preserve and export text but still protect - how?
March 29, 2010 10:42AM

Right. If you dump it in a file, it's possible that it will become executable. If you stick it in a database, that risk goes down.

Re: Preserve and export text but still protect - how?
March 29, 2010 12:55PM

Ah, okay, thanks :-)

Re: Preserve and export text but still protect - how?
December 07, 2010 07:45AM

Thank You ^^"

Re: Preserve and export text but still protect - how?
January 21, 2011 01:12PM

you could also secure the RAW data in the DB by base64 encoding it before storing in the table, then when you want to retrieve the RAW data for printing, base64 decode it after fetching from the DB. in that way the raw data stored in the DB is unintelligible until it's decoded.

Sorry, you do not have permission to post/reply in this forum.